route leaking between global table and vrf in the same router

Unanswered Question
Jun 16th, 2008
User Badges:

Hi,


In my PE, i would like to access a computer 10.50.0.1 in vrf A from the global routing table.


I have this configuration :


int loopback0

ip address 10.0.0.1 255.255.255.255


int vlan 1

ip vrf forwarding A


ip route 10.50.0.1 255.255.255.255 Vlan1

ip route vrf A 10.0.0.1 255.255.255.255 loopback 0 10.0.0.1


ping 10.0.0.1 = 100%!!

ping vrf A 10.0.0.1 = 0%


ping 10.50.0.1 = 0%!!

ping vrf A 10.50.0.1 = 100%!!



sh ip route 10.50.0.1

Routing entry for 10.50.0.1/32

Known via "static", distance 1, metric 0 (connected)

Redistributing via ospf 1

Advertised by ospf 1 metric 20000 metric-type 1 subnets

Routing Descriptor Blocks:

* directly connected, via Vlan1

Route metric is 0, traffic share count is 1


sh ip route vrf Intranet 10.0.0.1

Routing entry for 10.0.0.1/32

Known via "static", distance 1, metric 0

Redistributing via bgp 65000

Advertised by bgp 65000

Routing Descriptor Blocks:

* 10.0.0.1, via Loopback0

Route metric is 0, traffic share count is 1



Did i miss something ?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
lee.reade Mon, 06/16/2008 - 02:24
User Badges:
  • Silver, 250 points or more

Hi,


Since the next hop of the vrf static route is the global routing table and not the vrf routing table, then this next hop wont resolve, you need to put the global keyword on the static route, ie;


ip route vrf A 10.0.0.1 255.255.255.255 loopback 0 10.0.0.1 global


Let me know if this works.


Cheers,


LR

mathieu.ploton Mon, 06/16/2008 - 03:03
User Badges:

When i try to add global to my command line, i have the error : invalid next hop adress (it's this router), how can i avoid this issue ?


Thank you again !

shivlu jain Mon, 06/16/2008 - 02:51
User Badges:
  • Silver, 250 points or more

When ever you want to access the routes except the vrf table then at the end of the route use the global keyword; by addding the global keyword we catually tell the router if it is not able to find the toute in the vrf table thn please search in the global routing table.


regards

shivlu



mathieu.ploton Mon, 06/16/2008 - 03:07
User Badges:

If you check the document you sent me (and that i had already seen in the cisco website), they never add the global keyword, do you know why ?

lee.reade Mon, 06/16/2008 - 03:08
User Badges:
  • Silver, 250 points or more

Hi,


What is it that you are trying to achieve by this? Just access to the loopback0 interface?


Can you try this instead,


ip route vrf A 10.0.0.1 255.255.255.255 loopback 0 global


Let me know,


Cheers,


LR

mathieu.ploton Mon, 06/16/2008 - 03:26
User Badges:

Ok it's working if I use another router as the next hop, now i'm trying to do the same with multicast adress. My computer is my broadcast system.


From the global routing table, i want to be able to subscripe to multicast streams from the broadcast system in the vrf A.

lee.reade Mon, 06/16/2008 - 03:35
User Badges:
  • Silver, 250 points or more

You want to be able to subscribe to multicast sources that are in the VRF, from the global routing table?


Hmm, ive never seen that done, so cant comment on whether or not it would work, but in theory I 'spose is should!


Cheers,


LR

lee.reade Mon, 06/16/2008 - 03:56
User Badges:
  • Silver, 250 points or more

Well wouldnt need mroutes, since you have statics in place and the traffic would come from where the statics point to.


However, I am not sure about the mcast state information, because you would be crossing a boundary, from vrf-global etc.


Where are the clients that wish to receive the mcast flows? Can they not be put into another vrf? If so things would be much easier and we could config mVPN.


Maybe Harold Ritter (from Cisco) could comment on getting mcast from a vrf into the global table?? Is it possible etc?


Cheers,


LR

mathieu.ploton Mon, 06/16/2008 - 04:09
User Badges:

Actually we want to avoid multicast into mpls vpn because we have a 2800 as a PE and it crashed when we activate multicast routing on VPN. So we setup a second router (not MPLS) so it can only get the global routing table and the clients are behind this router.


So now from a client desktop i can ping my broadcast station but not recieve a multicast stream, seem that i need to add something again...

lee.reade Mon, 06/16/2008 - 04:31
User Badges:
  • Silver, 250 points or more

I really cant see it working natively, ie from vrf into global table, i think you may need to config a GRE tunnel from the secondary router to the PE VRF interface and then run pim across it.


This will transport it across the core without the need for mcast in the core.


This should work,


Cheers,


LR


secondary router

int tu0

ip unn loopback0 (where loopback0 is reachabel from remote vrf, using the static route with global keyword)

tun source loopback0

tun destination REMOTE PE Loopback (this is also static on remote PE and redistributed into core IGP)

ip pim dense

IP MROUTE 0.0.0.0 0.0.0.0 tu 0


remote VRF PE router

int tu0

ip unn loopbac0

tun so loopback0

tun des REMOTE secondary LOOPBACK

IP PIM DENSE





mathieu.ploton Mon, 06/16/2008 - 04:55
User Badges:

Ok thank you again ! I can see it's quite a tricky configuration. I should probably retry to make multicast working through MPLS, it's the easiest way. Dun know why my 2800 crash in that case !


Thank you all !

Actions

This Discussion